After Safari, it’s now Firefox that will apparently refuse third-party cookies by default. The Mozilla Foundation claims it’s for better privacy for its users, I think the mid-term effect will be the opposite.
Third-party cookies are used by online advertising companies to track users. The tracking done is mostly about counting displays and clicks, and what is called “conversions” (the act of buying an advertised product after having been exposed to an ad). It can also be used to build a behavioral profile in order to enhance the targeting. This is how the advertising industry works, the tracking done allows for better targeting and more income for those companies.
I think there is a lot of hypocrisy here, the advertising industry is the most enormous sponsor of the web, indirectly or directly. You hate ads but you use Google services? Did you know that 96% of Google’s revenue come from advertising? It’s just one example but it speaks for itself.
Without the advertising industry, the web as we know it would not exist. How many open source projects are sponsored by Google? How many of you, software engineers who read those lines are working for a company that relies on the online advertising industry for earning money? How many newspaper do you read online without paying a dime?
You get the point, remove ads from the internet, you’ll remove so much money from there, you’ll basically kill the web.
So, what will happen if all main browsers kill thrid-party cookies by default? Well, the impact on advertisers is pretty simple: they won’t be able to track many users. Their business model will be exposed, they will need to react.
What are their options?
Fingerprinting. It’s working very well. And I mean, very well. Companies such as AdTruth are even making their whole business out of it, and they’re very successful. The idea of device fingerprinting is to identify a device transparently by collecting as many metrics as possible (silently, most of time in JavaScript) to compose a signature that should be as stable and unique as possible.
It’s obvious that if all browsers drop third-party cookies by default, all the industry will move to fingerprinting and this will be even worse for the user: you can remove a cookie, you can see it, you can configure how you want your browser to deal with it. You can’t do that with fingerprinting.
Everything is behind the scene.
The Do Not Track header was a very good idea, this one is counter-effective regarding users privacy, on the long term.
Think twice Mozilla, if what you really want to do is protecting your users privacy…
It seems that you’re implying that advertising is “a necessary evil”, and that the Internet won’t survive without it. That’s an annoying fact. Although Mozilla’s move seems a little bit silly (Google is their main source of revenue after all), it may be that a kick in the hornet’s nest is needed here. I hope, like you do, that it won’t harm privacy, rather than protect it.
But mostly, I’m not worried about advertisers. There are always (new) ways to track, and identify us — when we’re not busy identifying ourselves on social networks. In the end it is a rigged game of whack-a-mole, and if you think you have some privacy when surfing with all your Javascript off and ad-blockers on, you’re wrong: big brother is always watching! ;)
Interestingly, if you surf with disabling third-party cookies, you’ll also notice that some services likes Disqus (a comments service) cease to work, and display instructions on how to re-enable them…
Hey oz! Nice to read from you :)
Well, I don’t say advertising is a “necessary evil”, I actually don’t think it’s evil, otherwise I would say I am evil, and despite the fact it sounds really great to my Metallica-fan-ears, I don’t think so!
I say that advertising is what powers the Internet. I know this is a rather shocking point of view for free software gurus, but it’s the reality. I’m sorry. Again, read the story of Google, they started being successful (business-wise) when they did AdWords. Remove Google from the landscape, and forget about a lot of what we use today, your phone maybe? No more advertising? OK, no more slashdot, no more news, no more nothing. Even the popular blogs now fund their content via advertising.
It’s not a necessary evil, it’s a natural funding method for the Internet. Ask Darwin ;)
Anyway, my main point here is more that Mozilla is hypocrite here, I can tell you (I’m in a pretty good position to watch that coming) fingerprinting is going to be there, badly.
So doing that for more privacy? Either they’re stupid, or hypocrite, you choose!
“advertising is what powers the Internet”
Well, that, and p0rn, of course…
That said, I remember a time when Internet had (almost) no advertising, and it was not possible to pay online. Nobody was buying stuff on the internet, and website were full of animated gifs… These were the times :) Freedom on Internet seemed to be better at that time though.